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DETAILED ACTION 

1. Claims 1-40 are pending. 

Claim Rejections - 35 USC § 103 

2. The following is a quotation of 35 U.S.C. 103(a) which 
forms the basis for all obviousness rejections set forth in this 
Office action: 

(a) A patent may not be obtained though the invention is not identically 
disclosed or described as set forth in section 102 of this title, if the 
differences between the subject matter sought to be patented and the prior 
art are such that the subject matter as a whole would have been obvious at 
the time the invention was made to a person having ordinary skill in the 
art to which said subject matter pertains. Patentability shall not be 
negatived by the manner in which the invention was made. 

3. Claims 1-6, 10, 20-21, 23, 25-27, 29-30 are rejected under 
35 U.S.C. 103(a) as being unpatentable over Micali (US 5717757) 
and further in view of Carroll (US 6105131) . 

As per claims 1 and 20, Micali discloses a communication 
network; a server coupled to said communication network for 
determining a revocation status of a digital certificate in 
response status request; a client coupled to said server through 
said communication network for transmitting said status request 
to said server, wherein a reply from said server to said client 
notifies said client of said revocation status; and transferring 
said reply automatically (see column 5 line 63 through column 6 
line 5) . 
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Micali fails to disclose an on-line secure communication 
session over said communication network between said client and 
said server for securely transferring said reply automatically. 

However, Carroll teaches such a secure communication 
session (see column 2 lines 56-67) . 

At the time of the invention it would have been obvious to 
a person of ordinary skill in the art to use Carroll's secure 
communication to transmit Micali' s response. 

Motivation to do so would have been to provide end-to-end 
secure communications . 

As per claim 2, the modified Micali and Carroll system 
discloses the digital certificate is associated with information 
requested by said client and transferred to said client by said 
server (see column 5 line 63 through column 6 line 5 and column 
1 lines 58-65) . 

As per claims 3-4, and 23, 25, the modified Micali and 
Carroll system discloses the use of SSL for authentication and 
secure communications (see Carroll column2 lines 56-67) . 

As per claims 5-6, and 26-27, the modified Micali and 
Carroll system discloses the use of a current CRL (see Micali 
column 2 lines 15-40) . 

As per claim 10, modified Micali and Carroll system fails 
disclose the request being a HTTP POST request. 
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However, Official Notice is taken that at the time of the 
invention it would have been obvious to one of ordinary skill 
for the modified Micali and Carroll request to be a POST 
request. Motivation to do so would have been to all for the use 
of HTTP. 

As per claims 21 and 30, modified Micali and Carroll system 
discloses securely transferring the revocation status before 
transferring any other information (see column 5 line 63 through 
column 6 line 5) . 

As per claim 29, modified Micali and Carroll system 
discloses notifying the client of the revocation status without 
including a second digital certificate authenticating said 
replay over the secure communication session (see column 5 line 
63 through column 6 line 5) . 

4. Claim 22 is rejected under 35 U.S.C. 103(a) as being 
unpatentable over the modified Micali and Carroll system as 
applied to claim 20 above, and further in view of Rubin et al 
(US 20020099822) . 

As per claim 22, the modified Micali and Carroll system 
fails to disclose polling the system for the certificate 
information. 

However, Rubin et al teaches polling for certificate 
information (see paragraph 5) . 
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At the time of the invention it would have been obvious to 
a person of ordinary skill in the art to use Rubin et al's 
method polling to obtain the certificate information of the 
modified Micali and Carroll system. 

Motivation to do so would have been to distribute 
revocation information to verifiers. 

5. Claims 9, 11-14, 17-19, 31-34 and 40 are rejected under 35 
U.S.C. 103(a) as being unpatentable over the modified Micali, 
Carroll and Rubin et al system as applied above, and further in 
view of Geiger et al (US 6463534).. 

As per claims 9, 11, and 31, the modified Micali, Carroll, 
and Rubin et al system teaches all the claimed limitations 
except the limitation of transferring a software patch. 

However, Geiger et al teaches the use of a software patch 
(see column 13 line 66 through column 14 line 8) . 

At the time of the invention it would have been obvious to 
a person of ordinary skill in the art to transfer the software 
patch of Geiger et al after the revocation status reply. 

Motivation to do so would have been to enable content. 

Claims 12-14, 17-19, 32-34 and 40 are similarly rejected as 
in the claims above. 

6. Claims 7, 15, 28, 36-37 rejected under 35 U.S.C. 103(a) as 
being unpatentable over the modified Micali, Carroll, Rubin et 
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al and Geiger et al system (in various forms as applied above) 
and further in view of Myers et al (RFC 2560) . 

As per claims 7 , 15, 28, 36-37, the modified Micali, 
Carroll, Rubin et al and Geiger et al system (in various forms 
as applied above) fails to disclose sending different responses 
depending on the determination if the certificate is valid or 
revoked and whether the request was formatted correctly. 

However, Myers et al teach these limitations (see section 

2.2) . 

At the time of the invention it would have been obvious to 
a person of ordinary skill in the art to use Myers et al's 
responses in the modified Micali, Carroll, Rubin et al and 
Geiger et al system (in various forms as applied above) . 

Motivation to do so would have been to obtain timely 
information regarding the revocation status of a certificate. 
7. Claims 8, 16, and 39 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over the modified Micali, Carroll, Rubin et 
al and Geiger et al system (in various forms as applied above), 
and further in view of Simpson (PGP DH vs. RSA FAQ) . 

As per claims 8, 16 and 39, the modified Micali, Carroll, 
Rubin et al and Geiger et al system (in various forms as applied 
above) teaches loading the CRL and authenticating it but fails 
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to disclose assuming all are revoked if the authentication 
fails . 

However Simpson teaches this type of assumption (see page 2 
last paragraph) 

At the time of the invention it would have been obvious to 
a person of ordinary skill in the art to take Simpson's teaching 
of assuming the worst to assume all certificates are revoked if 
the authentication fails in the modified Micali, Carroll, Rubin 
et al and Geiger et al system (in various forms as applied 
above) . 

Motivation to do so would have been to give a margin for 
error . 

8. Claims 24, 35 and 38 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over the modified Micali, Carroll, Rubin et 
al and Geiger et al system (in various forms as applied above), 
and further in view of Goddard (US 20020055980) . 

As per claim 38 the modified Micali, Carroll, Rubin et al 
and Geiger et al system fails to disclose terminating the 
communication session if the status request is bad. 

However Goddard teaches such limitation (see paragraph 66) . 

At the time of the invention it would have been obvious to 
a person of ordinary skill in the art to terminate the 
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connection of the modified Micali, Carroll, Rubin et al and 
Geiger et al system (in various forms as applied above) . 

Motivation to do so would have been to prevent the 
connection to be used for a certain period. 

Conclusion 

9. The prior art made of record and not relied upon is 
considered pertinent to applicant's disclosure. Dickinson et al 
(US 6853988) teaches polling, SSL and CRLs; Patrick (US 
20020188869) teaches CRLs, polling and SSL; Yeager et al (US 
20030028585) teaches SSL and CRLs; Hope et al (US 20030079125) 
teaches CRLs, Polling and SSL; and Russell et al (US 
20020049679) teaches CRLs, polling and SSL. 

Any inquiry concerning this communication or earlier 
communications from the examiner should be directed to Michael 
Pyzocha whose telephone number is (571) 272-3875. The examiner 
can normally be reached on 7:00am - 4:30pm first Fridays of the 
bi-week off. 

If attempts to reach the examiner by telephone are 
unsuccessful, the examiner's supervisor, Andrew Caldwell can be 
reached on (571) 272-3868. The fax phone number for the 
organization where this application or proceeding is assigned is 
703-872-9306. 
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Information regarding the status of an application may be 
obtained from the Patent Application Information Retrieval 
(PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, 
see http://pair-direct.uspto.gov. Should you have questions on 
access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free) . 
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ANDREW CALDWELL 
SUPERVISORY PATENT EXAMINER 



